Software Integrity

Learn defensive programming for HTML5 in a day

HTML5 is the fifth revision of the HTML standard. HTML5 and its integration with JavaScript introduce new security risks that require careful consideration when writing web front-end code.

Modern web-based software, including mobile web front-end applications, make heavy use of innovative JavaScript and HTML5 browser support to deliver advanced user experiences. Front-end developers focus their efforts on creating this experience. They are generally not aware of the security implications of the technologies they use.

Defensive programming in HTML5

This course helps web front-end developers understand the risks involved with manipulating the HTML Document Object Model (DOM) and using the advanced features of JavaScript and HTML5 (e.g., cross-origin resource sharing, local storage, and content security policy).

The traditional classroom delivery format reinforces some important security aspects of modern browser architecture and presents defensive programming techniques that can be immediately applied to prevent the introduction of common vulnerabilities. Additionally, the course provides a detailed description of typical JavaScript sources and sinks, and explains how they can be used to detect problems in code.

What are the objectives?

After successfully completing this course, attendees will be able to identify the attack surface of a web application and apply HTML5, JavaScript, and JSON defensive programming techniques.